XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. G

    Include external authentication for guest users. Here we achived force authetication only in our hotspot. But some sms gateway device need external authentication. Pls add this features

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow option to ignore RADIUS Logoff

    The ability to ignore Logoff requests issued by RADIUS accounting - similar to the feature found in STAS. This is because many wifi providers issue STOP frames as devices roam to RADIUS Accounting, which can cause temporary internet disconnections when roaming.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. hotspot voucher creation with starting validity

    It would be useful to be able to create hotspot vouchers with starting and ending validity , and also to schedule the creation of them

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Non-Sophos WNIC Support

    Some core functionality for other wireless chipsets should be provided, even if it isn't "guaranteed perfect".

    For example, ath9k (Atheros) drivers ship with XG, but cannot be loaded because of a version conflict with a dependency. Atheros chipsets are the most compatible with other linux, and considered to be "100%". The code is all there, and being used in production by other manufacturers.

    Sophos XG Home isn't usable in my circumstance because it doesn't support common wireless chipsets, which is needed in my home. Purchasing a Sophos wireless appliance is possible for my company, but not for me at home!

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Hotspot functionality to support VLAN and custom zone

    The hotspot functionality doesn't show an option to choose VLAN with custom zone. It does show a physical interface with custom zone and a VLAN with LAN/DMZ zone. However it does not show a VLAN that is custom zone, even if the zone is type LAN or DMZ. An example would be two networks that share the same interface: BYOD (physical) and Guest (VLAN). BYOD can be used with a custom zone, but Guest cannot.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. We need Some Report via Wireless Protechtion

    we need report log Bandwidth usage each AP and count live connection about each client connect each AP

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Wireless Site Survey

    I think you can do it on Sophos Cloud, but the ability to upload and mark on on a floor plan where all the access points are, and do site surveys.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Mixing Wireless Client Traffic Types

    I want to be able to add all my wireless networks to all my access points.
    Currently I cannot mix "Bridge to AP LAN" and "Bridge to VLAN" on the same access point which I could easily do on other wireless systems.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. HotSpot logging

    hotspot

    HotSpot feature lacks logging capabilities.

    For example it would be great to autmatically map and log voucher code with IP address of user that was using it and create reports based on this.
    Without this it's impossible to audit what traffic was generated by that user.

    Same issue is with UTM:
    http://ideas.sophos.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/10924653-logging-for-hotspot-vouchers

    Thanks,
    Lukasz Naumowicz

    39 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Rogue access point detection

    The Sophos XG firewalls should be able to detect rogue access points with APs connected the same way the models with built in wireless do.

    51 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Sophos Access Points to remain working even if XG is unreachable

    The downside we have identified for Sophos APs is that if a remote office with Sophos APs is connected to head-office XG via VPN and everything routes through the VPN, when connectivity is lost, the APs go offline and the remote offices cannot even access their local devices (e.g. printers / local NAS) via WiFi.
    This makes a WAN issue into a much larger impact as the remote offices are unable to work effectively.

    This request is that when XG is not reachable by the AP, it will fallback into an admin defined mode. e.g. if normal mode is bridged…

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to have Internal WiFi & AP Wifi on same LAN Segment

    It seems odd that this is not possible already.

    It should be possible to have the inbuilt WiFi of the XG (i.e.: 105W etc) on the same LAN Segment / Zone / Subnet as an external Sophos AP (i.e.: AP15 etc)

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Wireless redirect to URL after login

    The time it takes after the user logs into the wireless hotspot to redirect them to a URL is too long. It would be great to have a option to enter in how many second before it should redirect to another URL. Editing the HTML to change the seconds before redirecting is very daunting and it should be just an option.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Wireless Hotspot

    Would be great to have the ability to manually create a Hotspot code under "Hotspot type."

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ending a wireless session

    There is currently no way to see a wireless session and disconnect that person or device from their wireless session. Good security feature for blocking a device or the devices MAC address of that device.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Wireless or network bandwidth limitation

    It would be great to limit a users wireless or wired connection base on bandwidth and bandwidth usage. It would be great for limiting Guest wireless access or for staff that brings in their personal devices.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Hotspot

    Hotspot service has a number of problems.

    1. For some unknown reason Terms of Use entry field is now limited to 1024 characters. This was not the case in UTM 9. 1024 is no where near enough for a usable legal terms of use. This forces you to have to place it on a public web page and just link to it from the Terms of use field.

    2. Live session usage for Hotpot. Currently when someone is logged on to a hotspot using a non Sophos access point there is not live user information and no way to terminate…

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Guest User Management

    We have observed that we can manually create guest users in Sophos XG Firewall, under

    Objects > Identity > Guest Users
    or
    System > Authentication > Guest Users

    The Following Two Things Need To Be Taken Care Of.

    1) After creating the user, in the edit mode, the administrator is not able to edit the guests cell phone number.

    2) Once we trigger print, for the Guest User Credentials, there should have been a provision to add the Company Logo on the Print Out.

    3) Also comments and Instructions that the Administrator would manually enter, which should be printed on…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Guest WIFI Registration

    Dear Team @ Sophos,

    One of our customer has an requirement for wireless networks.
    They have 3 Sophos AP-55 and one Sophos XG-135.

    The customer has created a Guest SSID, for the guest users.

    Now the requirement is as follows.

    1. The guest users should be able to connect to the guest SSID with a shared wifi password.

    2. Once the try to access the Internet via a web browser, they should be redirected and presented a WIFI registration form, with the following details.
    Full Name:
    Choose Username:
    Choose Password:
    Email Address:
    Cell Phone Number:
    Address:
    Company Name:
    Designation:
    Date: …

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Adding feature to confugre an IP range or CIDR as an allowable Radius accounting requests

    customer got a Meraki Wireless network and basically each WAP processes the request and then would need to forward the accounting request to the Sophos firewall. So without using IP range or cidr they need to enter 150 ips individually.

    If ip range or cidr option is available then It will let then to do radius accounting on wireless network without
    having to put in 150+ radius clients.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
1 2 4 Next →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.